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Contactless data transmission system 

BACKGROUND OF THE INVENTION 

The invention relates to a contactless data transmission system in 
accordance with the preamble of Patent Claim 1. 

For the transmission of encoded electronic data, data transmission 
systems are commonly used comprising a battery operated (IR/HF) 
remote control as transmitter module and a suitable receiver module. 
Furthermore, data transmission systems consisting of a transponder and a 
reader are also used in which initially by means of an inductive coupling 
power transmission takes place between reader and transponder and 
subsequently data transmission between transponder (transmitter) and 
reader (receiver). Data transmission systems of this kind are available on 
the market, especially in the field of motor vehicles, as a combination of 
electronic key (transponder) and electronic lock (reader) for the purpose of 
operating lock systems and antitheft devices in the form of immobilizers. 

Data transmission in the RF range (typically 100 kHz to 450 kHz) between 
the transponder, which essentially consists of an integrated circuit (IC) and 
a coil, and the reader can take place in several ways. 

Either unidirectionally by means of a fixed-code transponder which 
transfers as password each time readout takes place (each time data is 
transmitted) a fixed code stored in a programmable read-only memory 
(PROM) of the IC or bidirectionally by means of a read/write transponder 
which transfers as password each time readout takes place (each time 
data is transmitted) a variable code stored in a read/write memory * 
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(EEPROM) of the IC and after successful authorization from the reader 
receives a new code and enters this in the EEPROM. As an additional 
measure for enhancing security, not only are ciphering methods adopted 
but also algorithms are used to verify that the transponder and base 
5 station belong together. The following sequence results: 

- the base station generates an electromagnetic field; 

- this causes the transponder to be activated; 

- the transponder sends its identification number to the base station; 

- the base station checks the correctness of the identification number 
10 and generates a base station random number; 

- the base station random number is ciphered in the base station; 

- the ciphered base station random number is sent to the transponder 
where it is deciphered and thereby generates a transponder random 
number; 

15 - this transponder random number or a value dependent on the 
transponder random number is sent to the base station where it is 
checked for its correctness; 

- this transponder or base station random number is the input value for 
an algorithm that includes a variable which exists both in the base 

20 station and in the transponder, unique values being assigned to the 

variable of the algorithm through a secret code thus generating a 
transponder result in the transponder and a base station result in the 
base station. 

- The transponder result is sent to the base station. 

25 - Transponder result and base station result are compared in the base 
station. 



In such a sequence, identical results from transponder and base station 
can be obtained only when the secret code, the algorithm, the random 
30 number and the cipher in the two components are identical or at least 
known by the other component. 

The security and also the reaction speed of such a data transmission 
system depends among other factors on the format of the random 
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number, and especially on the number of bits that make up the random 
number. 

It is however disadvantageous here that the security and possibly the 
range and the reaction speed of a contactless data transmission system 
5 containing an algorithm for encoding cannot be modified. 

SUMMARY OF THE INVENTION 

The object of the invention is to provide a contactless data transmission 
system in which the reaction speed, the range and security can be 
subsequently modified, in particular depending on the application. 

5 10 The object of the invention has been solved by the features described in 
Patent Claim 1. The data transmission system here has at least one 

I device with which the various input data formats for the encoding 

algorithm are set. The device can consist of one or several additional 
hardware terminal connections or terminal connection assignments and 
15 switches or it can consist of one or several additional control signals that 

^1 determine the input data format. 

:3 The advantages of the invention are that it is no longer necessary to have 

different data transmission systems for different applications, instead 
identical data transmission systems can be used for different applications 
20 with different requirements. Also, the properties of such data transmission 
systems can be set individually for one and the same application. 

Advantageous further developments result from the subclaims where 
one and the same encoding algorithm is used for the various input data 
formats. Another advantageous further development results from the 
25 retention of the secret code irrespective of the input data format. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The invention will now be described in more detail with reference to two 
examples of embodiment and figures. These show: 



Figure 1 : Encoding block 
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Figure 2a: Function block of the 32 bit encoding algorithm 

Figure 2b: Function block of the 64 bit encoding algorithm 

Figure 3: Effect of function f in the encoding algorithm 

Figure 4: Data transmission system 

5 DESCRIPTION OF THE PREFERRED ElVlBODIIVlENTS 

Figure 1 shows the encoding block. With a 64-bit input data format the 
random number R64 which has this format is first converted into a first 
variant Rq which consists of 8 bytes: a/, ae, as, 34, Bz, 32, ai, ao, where in 
turn each byte is made up of 8 bits. These 8 bytes are the input data for 

10 the encoding algorithm A64 with which a 64 bit random number can be 
processed. In the application example, the encoding algorithm A64 is 
made up of two components, namely A32A and A32B, where each 
component processes 32 bits. Of the two components of A64, at least one 
represents an independent encoding algorithm with which a calculation 

15 can be performed without consideration of the other part. The A64 
algorithm serves to process a random number with 64-bit format and the 
A32A and A32B each serve to process a 32-bit format. When processing 
the 8 bytes, the first 4 bytes a7, a6, a5, a4 are supplied to the component 
A32A and the other 4 bytes aS, a2, a1, aO to A32B. Subsequently, 8 

20 nibbles ny, Hq, ns, n4, n^, n2, ni, no and my, me, ms, m4, ms, m2, mi, mo are 
assigned to the 4 bytes ay, as, as, 34 und 33, 32, ai, ao in A32A and A32B 
respectively. Each nibble consists of 4 bits. The algorithm and its 
components include variables. These variables are assigned unique 
values by means of a 120 bit secret code. This secret code contains the 

25 key data which is used for A64 as well as for A32A and A32B. They are 
supplied to the encoding algorithm A64 from the outside. The encoding 
algorithm and the secret code must be selected such that they can be 
used for random numbers or random number variants with different 
formats. In the application example, this means for a random number or a 

30 random number variant with a format of: 
64 bits or 16 nibbles or 8 bytes or 
32 bits or 8 nibbles or 4 bytes. 

Furthermore, the encoding block has a control line with which the format 
of the random number or the random number variant can be selected by- 
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means of a control unit CONTROL. If a 64 bit format is selected via the 
control line S64/32, the encoding algorithm A64 is activated with its two 
components A32A and A32B. The result E32 at the output then has, for 
example, a 32 bit format. If, however, a 32 bit format is selected for the 
5 random number or random number variant via the control line S64/32, 
only the encoding algorithm A32A is active. The result Eie at the output 
then has a 16 bit format. The calculation times are shorter for the smaller 
fomnat and require less power. 

Figure 2a shows the function block of the 32 bit encoding algorithm A32A. 
10 This is a nibble-oriented encoding which is generated from 32 bits of a 
J!: random number R32 with at least a 32 bit format and which uses, for 

p example, a 120 bit format secret code. By means of this secret code, the 

iZ nibble permutation cta, the function f, the first substitution ti, the bit 

I J permutation as and the second substitution t2 can be defined uniquely, 

i3 15 Both the two permutations cja, ctb and also the two substitutions can be 

identical here, so that a a = ctb and/or ti = t2. 

At the beginning eight nibbles n^,n^,n^,n^,n^,n,,n^,n^ , the components of 

v.; the random number and each consisting of 4 bits, are permutated with 

:rh= and eight new nibbles n'^ ,n'^^n\,n'^,n*^,n2,n\,nQ are generated. After this, 

J;;J 20 these eight nibbles n'^ ,n'^yri^,n\,ri-^,n2,n[,nQ are supplied to a function f. 

Then the function result is subjected to a first substitution ti after which a 

further bit permutation as is performed. Finally, a second substitution xz 
takes place. This result serves to exchange the nibbles und «^ so that a 

new value with n-,,n^,n'^,n'^,n'^,n\,n\,nQ is created. This encoding process 

25 with the operations described above runs in a loop with, for example, 24 
rounds. 

Figure 2b shows the function block of the 64 bit encoding algorithm A64. 
This is a byte-oriented coding generated from a 64 bit random number R64 
and which uses, for instance, a 120 bit format secret code. By means of 
30 this secret code, the byte permutation ca, the function f, the first 
substitution ti, the bit permutation ob and the second substitution t2 are 
defined. The two permutations oa, ob and the two substitutions here can 
be identical so that oa = oa and /or xi = T2. 



At the beginning eight bytes a^.a^.a^.a^.a^.a^^a^.a^, provided by the 

random number and each consisting of 8 bits, are permutated with qa and 
eight new bytes a'^ ,a'^,a*^,a'^,a'^,a2,a[,a*Q are generated* After this, these 

eight bytes a'^ ,a'^M'^M\,a\,a*^,a\,a*^ are supplied to a function f. Then the 

5 function result is subjected to a first substitution ti after which a further bit 

permutation as is performed. Finally, a second substitution xz takes place. 
This result serves to exchange the byte so that a new value with 
a^,a'^,a'^,a'^,a'.,a'^_,a\M'Q is created. This encoding process with the 

operations described above runs in a loop with, for example, 24 rounds. 

10 Figure 3 shows how function f operates for the 32 and 64 bit encoding 
algorithm. Function f is structured such that it can work with different input 

data widths. The input data width can be reduced from 64 bits or 8 bytes 

{a^,a^,a^,a^,a.,a^_.a^MQ) or 16 nibbles 

{nj,n^,n^,}7^,n.,n^_,n^,nQ,mj,m^,m^,m^,m^,m2,m^,mQ) to 32 bits or 4 bytes 
15 (aj,a^,a^^a^) or 8 nibbles {ny^n^^n^,n^,n^^n2yn^ynQ), In the application 

example, four bits hi, lo for example are then assigned to each nibble. 

Then a logic operation is performed on all four-element bits hi, which have 
originated from the odd-numbered nibbles n^,n^,n^,n^ [m^.m^.m^.m^], 

generating a 4 bit result hi irrespective of the number of nibbles. The 
20 same happens with the four-element bits lo, which have originated from 
the even-numbered nibbles n^^n^^n^.n^ [m^.m^.m^.m^]. The end result 20 

of the function f then always has two nibbles or two four-element bits hi, 
lo irrespective of whether the n and m nibbles or the n nibbles alone have 
generated the 2-nibble result 20. This Figure is intended to illustrate that In 

25 the selection of the 64 bit encoding algorithm both blocks can be activated 
and in the selection of the 32 bit algorithm only the first block is used, 
where the same secret code can be used at all times with the same key 
data for the function f of the algorithm. Furthermore, the result that this 
function f supplies from Figures 2a and 2b always has the same format 

30 irrespective of the input data format. In this Figure, the control devices 
CONTROL, whose inputs are linked with the even and odd numbered 
nibble operations and whose output signals generate the result 20, are 
influenced by the control line S64/32. In this application example, a control 
line should be understood to mean a line or connection in which, for 
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example, programmable control signals are transferred that influence in 
software terms the calculation process or the device settings. 

Figure 4 shows the data transmission system for variable data formats. 
The data transmission system has a transponder 1 and a reader 2. The 
5 transponder 1 has a transponder coil 5, for power and data transmission, 
and an integrated circuit (IC) 13. The IC 13 has a transponder control unit 
3 for the power supply and sequence control, a memory unit 7 in which 
the identification number IDNR and the secret CODE are stored; likewise, 
intermediate results ZE can be stored here and an 
10 encoding/decoding/calculation unit 9 for generating the transponder result 
Et64/32 with the help of the reader's random number R64, R32, which is 
required as input value for the algorithm A64. 

The reader 2 consists of a coil 6, used for both power transmission and 
data transmission, the control unit 4 for sequence control, the memory unit 

15 8 for storing the identification number IDNR and the secret CODE, and the 
encoding/decoding/calculation unit 10 for generating the reader result 
El64/32 with the help of the reader's random number R64, R32, which is 
required as input value for the algorithm A64. Furthermore, the 
arrangement includes an electric, electronic, optical or mechanical switch 

20 12, or alternatively a control line as shown in the preceding Figures with 
which the format of the random number Re* or R32 is selected. 

After activation of the reader 2 - for instance, for a motor vehicle by 
operating the door handle or by switching on the ignition - power is 
transmitted from the coil 6 of the reader 2 to the coil 5 of the transponder 
25 1. This process is shown in the drawing by the arrow marked POWER 
beftween reader' 2 and transponder 1. The identification number IDNR, 
which is stored in the memory unit 7 of transponder 1 , is then sent via the 
control unit 3 to the reader 2. Transmission of the identification number is 
indicated by an arrow with the designation IDNR between transponder 1 
. 30 and reader 2, The identification number IDNR is verified in the reader 2, A 
reader random number R64/R32 is then generated in the reader 2. The 
format of the random number R64/R32 depends on the position of the 
switch 12. The random number has either a 64 bit format Re* or a 32 bit " 



format R32. This random number R64/R32 is sent in encoded form to the 
transponder 1. The random number R64/R32 is decoded in the device 9. 
The reader random number R64/R32 and the transponder random number 
R64/R32 should be identical in the application example. They provide the 
5 input data for the calculation with the reader algorithm A64 and similarly 
with the transponder algorithm A64. In the application example, the 
transponder algorithm and the reader algorithm are identical and with 
identical secret CODE and identical random number R64/R32 as input 
variable they generate an identical end result Et32/16, El32/i6 with 32 bit 

10 format and 16 bit format respectively. To enhance security, intermediate 
results ZE are generated during calculation. The intermediate result Is 
then used as new input value for the algorithm which then repeats the 
calculations over several rounds with the constantly changing intermediate 
results until the end result is obtained after, for example, 24 rounds. The 

15 transponder result Et32/i6 is then sent to the reader 2 where it is compared 
in a comparator VGL with the reader result calculated in the reader 2. 

The selection of the input data width, i.e. the selection as to whether a 64 
bit random number R64 or a 32 bit random number R32 is selected, can 
take place not only by means of a switch 12, as shown in this Figure, but 
20 also by means of a programmable control line S64/32 as portrayed in 
Figures 1 and 3. 

By changing over the input data format for the algorithm, the data sets to 
be transmitted and hence the power requirement too can be reduced and 
the reaction speed and range can be increased. With such a data 
25 transmission system, it is therefore possible for security steps to be 
programmed ^or set by means of a switch thus allowing subsequent 
adaptation of the specifications of the data transmission system to satisfy 
particular requirements. 

Data transmission systems of this kind with variable input data format for 
. 30 an encoding algorithm can be used not only for transponder systems but 
for all wireless transmission systems, especially electromagnetic, optical 
and high-frequency systems. 



